Welcome to the Linux Foundation Forum!

networking/security

I want to dive into the topics networking/security. I have some working knowledge of Linux: I use Ubuntu Linux, Chakra Linux, Puppy Linux. And I know the terminal well.

My question: where to start? What books do you recommend that I should read on these topics? Where did you start? Btw, I have a higher education.

Any help on this is more than welcome.

Comments

  • Goineasy9
    Goineasy9 Posts: 1,114
    I've kept this bookmark around for quite a few years, because it contains links to a lot of security documents. While it is a broad "Linux Security" article, it also contains links to network based security pages.

    https://isc.sans.edu//diary.html?storyid=3514

    BTW - It was written in 2007, but most of the links point to recent versions (Like the fedora link links to F16). Even though it's a few years old, the methods haven't changed much and are still worth reading.
  • Thank you for your answers.
  • mfillpot
    mfillpot Posts: 2,177
    If you really want to understand various security controls in Linux based systems, then I highly recommend checking out gentoo or Linux From Scratch so that you can install a system from the core components without any built-in security controls. This will allow you to hand configure the controls you wish to implement and will force you to watch the vulnerability lists to maintain a secure systems. The greater purpose is to force you to use that system as your primary system so that the necessary research and testing is forced upon you.

    You should also checkout backtrack http://distrowatch.com/table.php?distribution=backtrack so that you can test and learn about various network and physical intrusion methods.

    Can you share what aspect of Network Security you are most interested in such as packet analysis, port control, remote exploits, intrusion detection systems, etc...?
  • Lol, all of it, Mfillpot. I am reading a book written by Patrick Engebretson, called "The Basics of Hacking and Penetration Testing." It covers the basics and it is just what I need. In this book he covers Backtrack.

    Are there books you can recommend? Have you ever used distributions such as IPcop Firewall?

    I will be grateful for your answers.

  • mfillpot
    mfillpot Posts: 2,177
    edited February 2012
    My favorite books are:
    Special Ops: http://www.amazon.com/Special-OPs-Network-Security-Microsoft/dp/1931836698
    Hack Proofing Linux: http://books.google.com/books/about/Hack_proofing_Linux.html?id=5vVy6F80gJ4C
    Guide to Network Defense and Countermeasures: http://books.google.com/books?id=XD0FAAAACAAJ&dq=guide+to+network+defense+and+countermeasures&hl=en&sa=X&ei=Ud49T860JIbi0QGHyt2vBw&ved=0CDwQ6AEwAQ

    Honestly security tactics and techniques change so often that books on the subject are outdated before they are published. You can use some of the information from the books as reference for past methods and to teach you the basic techniques, but the only way to really know what is going on is to get some hands on experience.

    To really understand what is going on I highly recommend setting up a snort ( http://www.snort.org/ ) server in a detached network and running attacks against various operating systems and applications from the backtrack disk, that logged traffic will show you common patterns and attack portals.

    Ipcop is a user friendly firewall solution, personally I prefer scripting modifications to a stock iptables firewall than going through a gui or restricted setup. You can see my firewall script from a couple of revisions ago at http://pastebin.com/8bzyUG5F

    As for what distributions I use, I am a loyal slackware user. Pat's diligence in testing software, watching vulnerabilities and simplifying the installation base makes is very easy to build a very secure system. I consider the lack of PAM and SeLinux a benefit because it removed the potential for configuration mistakes and eliminates the vulnerabity histories of that software from my mind. An important rule is to keep your security solutions simple, the simplicity reduces complexity and attack vectors.
  • Great answer, mfillpot. I can work with that. Thank you.

Categories

Upcoming Training